# Filters added to this controller apply to all controllers in the application.
# Likewise, all the methods added will be available for all controllers.

class ApplicationController < ActionController::Base
  before_filter :authorize, :except => :login 
  before_filter :fetch_logged_in_user
  helper :all # include all helpers, all the time

  # See ActionController::RequestForgeryProtection for details
  # Uncomment the :secret if you're not using the cookie session store
  protect_from_forgery :secret => '5883de77974eb57357e80e7c42b23add'
  
  # See ActionController::Base for details 
  # Uncomment this to filter the contents of submitted sensitive data parameters
  # from your application log (in this case, all fields with names like "password"). 
  # filter_parameter_logging :password
  
    
  protected 
      
      def fetch_logged_in_user
        return unless session[:user_id]
        @current_user = User.find_by_id(session[:user_id])
      end
      
      def authorize 
        unless User.find_by_id(session[:user_id]) 
          flash[:notice] = "Please log in" 
          redirect_to :controller => :auth, :action => :login 
        end 
      end 
    
    end
  